<?php
include "../inc-config.php";
include "inc-header-po.php";
print "<body><center>";
$user = $_SESSION['user'];
$getuser = "SELECT * FROM b_users a, b_templates b WHERE b.templateid = a.templateclass AND a.username = '$user'";
$getuser2 = mysql_query($getuser, $forum) or die("Error #1: " . mysql_error());
$getuser3 = mysql_fetch_array($getuser2);

if(!isset($_GET['forumID']))
{
	die("<table class='maintable'><tr class='headline'><td><center><strong>Reply Failed</strong></center></td></tr><tr class='forumrow'><td><center>No Forum Parent Selected</center></td></tr></table>");
} 


$forumID = $_GET['forumID'];
$s = $_SERVER["REMOTE_ADDR"];

$checkip = "SELECT * FROM b_banip WHERE ip='$s'";
$checkip2 = mysql_query($checkip, $forum) or die("Error #2: " . mysql_error());
$checkip3 = mysql_fetch_array($checkip2);

if($checkip3)
{
	die("<table class='maintable'><tr class='headline'><td><center><strong>Reply Failed</strong></center></td></tr><tr class='forumrow'><td><center>Your IP was banned from posting! Go away!</center></td></tr></table>");
}
$ID = $_GET['ID'];

$isthreadlocked = "SELECT *, b_posts.ID AS postid from b_posts, b_forums WHERE b_posts.id = '$ID' AND b_forums.id = b_posts.postforum";
$isthreadlocked2 = mysql_query($isthreadlocked, $forum) or die("Error #3: " . mysql_error());
$isthreadlocked3 = mysql_fetch_array($isthreadlocked2);

if($isthreadlocked3['locked']=='1')
{
	die("<table class='maintable'><tr class='headline'><td><center><strong>Reply Failed</strong></center></td></tr><tr class='forumrow'><td><center>This thread is locked.</center></td></tr></table>");
}
if (isset($_SESSION['user']) || $guestposting)
{
	$user = $_SESSION['user'];
	$getid = "SELECT * FROM b_users WHERE username = '$user'";
	$getid2 = mysql_query($getid) or die("Error #4: " . mysql_error());
	$getid3 = mysql_fetch_array($getid2);
	
	$getforuminfo = "SELECT * FROM b_forums WHERE ID='$forumID'";
	$getforuminfo2 = mysql_query($getforuminfo, $forum) or die("Error #5: " . mysql_error());
	$getforuminfo3 = mysql_fetch_array($getforuminfo2);
	if(!$_SESSION['user'])
	{
		$getid3[status]=-1;
	}
	if($getforuminfo3['permission_reply'] > $getid3['status'])
	{
		die("<table class='maintable'><tr class='headline'><td><center><strong>Reply Failed</strong></center></td></tr><tr class='forumrow'><td><center>You Do not have permission to post in this forum</center></td></tr></table>");
	}
	if($getid3['banned'] == "Yes")
	{
		die("<table class='maintable'><tr class='headline'><td><center><strong>New Topic Failed</strong></center></td></tr><tr class='forumrow'><td><center>You have been banned from posting</center></td></tr></table>");
	} 
	if(isset($_POST['reply']))
	{
		if(!$_POST['name'] || !$_POST['post'])
		{
			print "<table class='maintable'>";
			print "<tr class='headline'><td><center><strong>Reply Failed</strong></center></td></tr>";
			print "<tr class='forumrow'><td><center>";
			print "One of the required fields was not filled in, please go back and try again.";
			print "</td></tr></table>";
		}
		else
		{
			$name = $getid3['userID'];
			$post = $_POST['post'];
			$title = $_POST['title']; 
			$day = date("D M d, Y H:i:s");
			$timegone = date("U") ;
			if($_POST['nosmiley'])
			{
				$nosmiley=1;
			}
			else
			{
				$nosmiley=0;
			}
			if(!$_SESSION['user'])
			{
				$user = "Guest";
			}
			$threadparent = $_POST['threadparent'];
			$name = htmlspecialchars($name);
			$title = htmlspecialchars($title);
			$post = strip_tags($post,'<p><a><b><i><img><u><font>[url][img][URL][IMG][FONT][font]<sub><sup><span><li><size>[list][o][size][s][mail]');
			$s = $_SERVER["REMOTE_ADDR"];
			
			$posting = "INSERT INTO b_posts (author, title, post,timepost, telapsed, threadparent, postforum,lastpost,nosmilies,ipaddress ) values ('$name', '$title', '$post', '$day', '$timegone', '$threadparent', '$forumID','$user','$nosmiley','$s')";
			mysql_query($posting, $forum) or die("Error #6: " . mysql_error());
			
			$update="UPDATE b_posts SET numreplies=numreplies+1, timepost='$day', telapsed='$timegone', lastpost='$user' where ID='$threadparent'";
			mysql_query($update, $forum) or die("Error #7: " . mysql_error());
			
			$upforum="UPDATE b_forums set numposts=numposts+1,lastpost='$day',lastpostuser='$user',lastposttime='$timegone' where ID='$forumID'";
			mysql_query($upforum, $forum) or die("Error #8: " . mysql_error());
			
			if($_SESSION['user'])
			{
				$timenow = date("U");
				$updateuser = "update b_users set Posts=Posts+1, lastposttime='$timenow' where username='$user'";
				mysql_query($updateuser, $forum) or die("Error #9: " . mysql_error());
			}
			print "<table>";
			print "<tr><td><center><strong>Reply Successfull</strong></center></td></tr>";
			print "<tr class='forumrow'><td><center>";
			print "Thanks for posting. Redirecting to topic. <META HTTP-EQUIV = 'Refresh' Content = '1; URL =index.php?forumID=$forumID&ID=$threadparent'>";
			print "</td></tr></table>";
		}
	}
	else
	{
?>  
<br /><br /><br /><br />
<table id="editform" cellpadding="0" cellspacing="1">
	<tr>
		<td style='background-image: url(../images/transpblack.png)' colspan="2"><center><strong>Reply</strong></center></td>
	</tr>
	<tr>
		<td colspan="2"><? print "<br><b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Name:</b> $user<br><br>";?></td>
	</tr> 
	<tr>
		<td rowspan="2" id="smilies">
			<font color="#CCCCCC">Smilies</font><br />
			<a href="javascript:smilie(':)')"><img src="images/smilies/smile.gif" alt="smile" title="smile" /></a>
			<a href="javascript:smilie(':D')"><img src="images/smilies/bigsmile.gif" alt="bigsmile" title="bigsmile"/></a><br />
			<a href="javascript:smilie(':p')"><img src="images/smilies/tongue.gif" alt="tongue" title="tongue" /></a>
			<a href="javascript:smilie(':[lol]')"><img src="images/smilies/lol.gif" alt="lol" title="lol" /></a><br />
			<a href="javascript:smilie(':[angry]')"><img src="images/smilies/angry.gif" alt="angry" title="angry" /></a>
			<a href="javascript:smilie(':[wacko]')"><img src="images/smilies/wacko.gif" alt="wacko" title="wacko" /></a><br />
			<a href="javascript:smilie(':[cool]')"><img src="images/smilies/cool.gif" alt="cool" title="cool" /></a>
			<a href="javascript:smilie(':[frown]')"><img src="images/smilies/frown.gif" alt="frown" title="frown" /></a><br />
			<a href="javascript:smilie(':[ninja]')"><img src="images/smilies/ninja.gif" alt="ninja" title="ninja" /></a>
			<a href="javascript:smilie(':[wink]')"><img src="images/smilies/wink.gif" alt="wink" title="wink" /></a><br />
			<a href="javascript:smilie(':[sad]')"><img src="images/smilies/sad.gif" alt="sad" title="sad" /></a>
			<a href="javascript:smilie(':[sleep]')"><img src="images/smilies/sleep.gif" alt="sleep" title="sleep" /></a><br />
			<a href="javascript:smilie(':[dry]')"><img src="images/smilies/dry.gif" alt="dry" title="dry" /></a>
			<a href="javascript:smilie(':[huh]')"><img src="images/smilies/huh.gif" alt="huh" title="huh" /></a><br />
			<a href="javascript:smilie(':o')"><img src="images/smilies/shocked.gif" alt="shocked" title="shocked" /></a>
			<a href="javascript:smilie(':[happy]')"><img src="images/smilies/happy.gif" alt="happy" title="happy" /></a><br />
			<a href="javascript:smilie(':[mellow]')"><img src="images/smilies/mellow.gif" alt="mellow" title="mellow" /></a>
			<a href="javascript:smilie(':[confused]')"><img src="images/smilies/confused.gif" alt="confused" title="confused" /></a><br />
			<a href="javascript:smilie(':[unsure]')"><img src="images/smilies/unsure.gif" alt="unsure" title="unsure" /></a>
			<a href="javascript:smilie(':[wub]')"><img src="images/smilies/wub.gif" alt="wub" title="wub" /></a>
		</td>
		<td>   
			<button onclick="addPTag(document.getElementById('text'),'b','b')" style="font-size:10px;background-color:#000000; color:#cccccc"><b>Bold</b></button>
			<button onclick="addPTag(document.getElementById('text'),'i','i')" style="font-size:10px;background-color:#000000; color:#cccccc"><i>Italic</i></button>
			<button onclick="addPTag(document.getElementById('text'),'u','u')" style="font-size:10px;background-color:#000000; color:#cccccc"><u>Underline</u></button>
			<button onclick="addPTag(document.getElementById('text'),'s','s')" style="font-size:10px;background-color:#000000; color:#cccccc"><span style="text-decoration:line-through">Strike Trough</span></button>
			<button onclick="addPTag(document.getElementById('text'),'img','img')" style="font-size:10px;background-color:#000000; color:#cccccc">Image</button>
			<button onclick="addPTag(document.getElementById('text'),'url','url')" style="font-size:10px;background-color:#000000; color:#cccccc">Url</button>	
			<button onclick="addPTag(document.getElementById('text'),'item=12345,white','item')" style="font-size:10px;background-color:#000000; color:#cccccc">Item</button><br /><div style="margin:6px"></div>
			<button onclick="addPTag(document.getElementById('text'),'quote','quote')" style="font-size:10px;background-color:#000000; color:#cccccc">Q u o t e</button>
			<button onclick="addPTag(document.getElementById('text'),'code','code')" style="font-size:10px;background-color:#000000; color:#cccccc">Code</button>
			<button onclick="addPTag(document.getElementById('text'),'mail','mail')" style="font-size:10px;background-color:#000000; color:#cccccc">E-Mail</button>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
			<button onclick="addPTag(document.getElementById('text'),'align=left','align')" style="font-size:10px;background-color:#000000; color:#cccccc">Left&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</button>
			<button onclick="addPTag(document.getElementById('text'),'align=center','align')" style="font-size:10px;background-color:#000000; color:#cccccc">Center</button>
			<button onclick="addPTag(document.getElementById('text'),'align=right','align')" style="font-size:10px;background-color:#000000; color:#cccccc">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Right</button>
<?php
		print "<form action='reply.php?forumID=$forumID' method='post' name='editform'>";
		if(!$_SESSION['user'])
		{
			$getguest="SELECT * FROM b_users WHERE username='Guest'";
			$getguest2=mysql_query($getguest) or die(mysql_error());
			$getguest3=mysql_fetch_array($getguest2);
			print "<input type='hidden' name='name' value='$getguest3[userID]'><br>";
		}
		else
		{    
			print "<input type='hidden' name='name' value=$getid3[userID]><br>";
		}  
		print "<input type='hidden' name='threadparent' value=$ID>";
?>
		</td>
	</tr>
	<tr>
		<td>
			<b>Post:</b><br />
			<textarea rows="10" cols="50" name="post" class="form_elements_text" id="text"></textarea>
		</td>
	</tr>
	<tr>
		<td colspan="2" id="post">
			<input type="submit" name="reply" value="Post" class="button" />
		</td>
	</tr>
</table>
</form>
<?php
	}
}
else
{
	print "<br><br><br><br><table>";
	print "<tr><td><center>Reply</center></td></tr>";
	print "<tr class='forumrow'><td><center>";
	print "Not logged in, please <A href='login.php'>go here</a> to log in";
	print "</td></tr></table>";
}
?>
</center>
</body>
</html>
